Nmap Development mailing list archives
Re: [NSE][PATCH] datafiles.lua
From: jah <jah () zadkiel plus com>
Date: Thu, 11 Sep 2008 05:02:04 +0100
On 10/09/2008 09:50, Sven Klemm wrote:
Ah I didn't think of that case. I've modified the patch to handle this situation by checking for value being a table. If value is a table then anything supplied as index will be used literally. I don't see { ["hello"] = "nmap" } as problem if a script author wants a file parsed that way he should get it. I am currently using {["^[a-f0-9]+"]=""} in my SSH weak key script. I could easily modify it to make it work with the current version but I thought the check was too constraining. I am using an empty string as value because I am only interested in a hash table with strings as key for easy checking whether a key is in the file.
{ ["^([a-f0-9]+)"] = "" } (note the capture) would have worked in your SSH weak key script, but I think you're right that the user should have it their way, even if, like the examples we've discussed, the data returned is garbage. And of course, there may be legitimate uses for matching with plain strings which I hadn't considered before. So I've tested the code with your patch and fixed some bugs and a couple of typo's, most of which were present from the start: not returning services in the same fashion as parse_services(protocol) did; bad logic prevented parse_file( filename, { } ) from returning an array of lines where filename was one of Nmap's data files (as it does for other files); creating a table key with a value of nil when the pattern for the key matches, but the pattern for the value doesn't - this was made most obvious by the recent changes as it prevented them returning the correct data and; a few minor details. The attached contains two patches. datafiles.patch will patch the svn version when patched with your patch at [1]. combined.patch will patch the svn version and combines the two patches. Regards, jah [1] - http://seclists.org/nmap-dev/2008/q3/0791.html
Attachment:
datafiles.tar.gz
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE][PATCH] datafiles.lua Sven Klemm (Sep 09)
- Re: [NSE][PATCH] datafiles.lua jah (Sep 09)
- Re: [NSE][PATCH] datafiles.lua Sven Klemm (Sep 10)
- Re: [NSE][PATCH] datafiles.lua jah (Sep 10)
- Re: [NSE][PATCH] datafiles.lua Sven Klemm (Sep 13)
- Re: [NSE][PATCH] datafiles.lua jah (Sep 13)
- Re: [NSE][PATCH] datafiles.lua Sven Klemm (Sep 15)
- Re: [NSE][PATCH] datafiles.lua David Fifield (Sep 15)
- Re: [NSE][PATCH] datafiles.lua Sven Klemm (Sep 10)
- Re: [NSE][PATCH] datafiles.lua jah (Sep 09)